Ends on March 22
Note: This is a fast paced version of the original 4 day class, cut down to 2 days. To fit the entire training material within 2 days, some of the exercises have been replaced by demos which will be shown by the instructor. Students will receive FREE 1 month lab access to practice each exercise after the class.
Whether you are penetration testing, Red Teaming or trying to get a better understanding of managing vulnerabilities in your environment, understanding advanced hacking techniques is critical. This course covers a wide variety of neat, new and ridiculous techniques to compromise modern Operating Systems and networking devices.
While prior pentest experience is not a strict requirement, familiarity with both Linux and Windows command line syntax will be greatly beneficial. The following is the syllabus for the class:
Host Discovery & Enumeration
OSINT & Asset Discovery
Hacking Application and CI Servers
Oracle Database Exploitation
Windows Vulnerabilities and Configuration Issues
Windows Desktop 'Breakout' and AppLocker Bypass Techniques
A/V & AMSI Bypass Techniques
Offensive PowerShell Tools and Techniques
Local Privilege Escalation
Post Exploitation Tips, Tools and Methodology
An Introduction into Active Directory Delegation
Pivoting, Port Forwarding and Lateral Movement Techniques*
Linux Vulnerabilities and Configuration Issues
File Share Hacks
Restricted Shells Breakouts
Breaking Hardened Webservers
Local Privilege Escalation
MongoDB, TTY, Reverse tunneling
Exploiting Insecure VPN Configurations
Who Should Take This Course
System Administrators, SOC analysts, Penetration testers, network engineers, security enthusiasts and anyone who wants to take their skills to next level.
While prior pentest experience is not a strict requirement, familiarity with both Linux and Windows command line syntax will be greatly beneficial. A further hands-on experience with common hacking tools such as Metasploit will also be beneficial, although, less advanced users can work their way up during the 30 days of complimentary lab access provided as part of the class.
The only requirement for this class is that you must bring your own laptop and have admin/root access on it. During the class, we will give you VPN access to our state-of-art Hacklab which is hosted in our data-center in the UK. Once you are connected to the lab, you will find all the relevant tools/VMs there. We also provide a dedicated Kali VM to each attendee on the hacklab. So, you don't need to bring any VMs with you. All you need is admin access to install the VPN client and once connected, you are good to go!
What Students Should Bring
Please see student requirement section above.
What Students Will Be Provided With
Access to a hacking lab not just during the course but for 30 days after the class too. This gives them plenty of time to practice the concepts taught in the class. The lab contains a wide variety of challenges from local privilege escalation to VLAN hopping etc. Numerous scripts and tools will also be provided during the training, along with student hand-outs.
Anant Shrivastava is an information security professional with 10+ yrs of corporate experience with expertise in Network, Mobile, Application and Linux Security. He is Regional Director Asia Pacific for NotSoSecure Global Services, he has trained ~600 delegates at various conferences (Blackhat all 3 editions, Nullcon, g0s, c0c0n). Anant also leads Open Source project Android Tamer (www.androidtamer.com) and CodeVigilant (www.codevigilant.com). His work can be found at anantshri.info